<?php

if(isset($_POST['password']) && isset($_POST['username'])){
#if it is a login request

  #Get username and password from post
  $password = md5($_POST['password']);
  $username =     $_POST['username'];

  #Require usr db model
  require_once $BASE_PATH . 'm/usr.php';

  $usrcn = new USR(DBHOST, DBUSER, DBPASS, DBNAME);

  $userInfo = $usrcn->get($username);

  if($userInfo){
    #Check the username and password
    #If login success, set session['usr']
    if($userInfo['pwd'] === $password){

      $_SESSION['usr'] = $userInfo['uid'];

      echo '{"code": 0}';

    }else{

      echo '{"code": 2, "message": "password wrong"}';

    }

  }else{
    echo '{"code": 1, "message": "user not exist"}';
  }
}

